You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/resources/kibana_alerting_rule.md
+14-1Lines changed: 14 additions & 1 deletion
Original file line number
Diff line number
Diff line change
@@ -55,7 +55,6 @@ Could not create API key - Unsupported scheme "ApiKey" for granting API Key
55
55
-`consumer` (String) The name of the application or feature that owns the rule.
56
56
-`interval` (String) The check interval, which specifies how frequently the rule conditions are checked. The interval must be specified in seconds, minutes, hours or days.
57
57
-`name` (String) The name of the rule. While this name does not have to be unique, a distinctive name can help you identify a rule.
58
-
-`notify_when` (String) Defines how often alerts generate actions. Valid values include: `onActionGroupChange`: Actions run when the alert status changes; `onActiveAlert`: Actions run when the alert becomes active and at each check interval while the rule conditions are met; `onThrottleInterval`: Actions run when the alert becomes active and at the interval specified in the throttle property while the rule conditions are met. NOTE: This is a rule level property; if you update the rule in Kibana, it is automatically changed to use action-specific `notify_when` values.
59
58
-`params` (String) The rule parameters, which differ for each rule type.
60
59
-`rule_type_id` (String) The ID of the rule type that you want to call when the rule is scheduled to run. For more information about the valid values, list the rule types using [Get rule types API](https://www.elastic.co/guide/en/kibana/master/list-rule-types-api.html) or refer to the [Rule types documentation](https://www.elastic.co/guide/en/kibana/master/rule-types.html).
61
60
@@ -64,6 +63,7 @@ Could not create API key - Unsupported scheme "ApiKey" for granting API Key
64
63
-`actions` (Block List) An action that runs under defined conditions. (see [below for nested schema](#nestedblock--actions))
65
64
-`alert_delay` (Number) A number that indicates how many consecutive runs need to meet the rule conditions for an alert to occur.
66
65
-`enabled` (Boolean) Indicates if you want to run the rule on an interval basis.
66
+
-`notify_when` (String) Defines how often alerts generate actions. Valid values include: `onActionGroupChange`: Actions run when the alert status changes; `onActiveAlert`: Actions run when the alert becomes active and at each check interval while the rule conditions are met; `onThrottleInterval`: Actions run when the alert becomes active and at the interval specified in the throttle property while the rule conditions are met. NOTE: This is a rule level property; if you update the rule in Kibana, it is automatically changed to use action-specific `notify_when` values.
67
67
-`rule_id` (String) A UUID v1 or v4 to use instead of a randomly generated ID.
68
68
-`space_id` (String) An identifier for the space. If space_id is not provided, the default space is used.
69
69
-`tags` (List of String) A list of tag names that are applied to the rule.
@@ -86,8 +86,21 @@ Required:
86
86
87
87
Optional:
88
88
89
+
-`frequency` (Block List, Max: 1) The parameters for the action, which are sent to the connector. (see [below for nested schema](#nestedblock--actions--frequency))
89
90
-`group` (String) The group name, which affects when the action runs (for example, when the threshold is met or when the alert is recovered). Each rule type has a list of valid action group names.
90
91
92
+
<aid="nestedblock--actions--frequency"></a>
93
+
### Nested Schema for `actions.frequency`
94
+
95
+
Required:
96
+
97
+
-`notify_when` (String) Defines how often alerts generate actions. Valid values include: `onActionGroupChange`: Actions run when the alert status changes; `onActiveAlert`: Actions run when the alert becomes active and at each check interval while the rule conditions are met; `onThrottleInterval`: Actions run when the alert becomes active and at the interval specified in the throttle property while the rule conditions are met. NOTE: This is a rule level property; if you update the rule in Kibana, it is automatically changed to use action-specific `notify_when` values.
98
+
-`summary` (Boolean) Indicates whether the action is a summary.
99
+
100
+
Optional:
101
+
102
+
-`throttle` (String) Defines how often an alert generates repeated actions. This custom action interval must be specified in seconds, minutes, hours, or days. For example, 10m or 1h. This property is applicable only if `notify_when` is `onThrottleInterval`. NOTE: This is a rule level property; if you update the rule in Kibana, it is automatically changed to use action-specific `throttle` values.
0 commit comments